Intercom

Description Features Permissions Security & Compliance

Intercom is the AI customer service company. Customers can use Intercom’s native integration for Slack to create, reply to, and resolve Slack conversations alongside all other channels—in one omnichannel platform. Customers can stay in Slack while your support team manages everything from Intercom.Intercom’s integration for Slack brings Fin, the #1 AI agent for customer service, directly in Slack. Fin delivers instant, accurate answers on Slack, scaling AI-first customer service to your busiest communities and threads.AI Accuracy disclaimer: Output may contain material inaccuracies and may not reflect correct, current or complete information. Do not rely, or encourage others to rely, on any Output without independently evaluating its accuracy and appropriateness of use, including, without limitation, by using human review. Intercom makes no representations or warranties and provides no indemnities with respect to Output. The AI Products and Output are not intended to substitute for the services of properly trained and licensed individuals.

Intercom will be able to view:

Intercom will be able to do:

Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.

General

Privacy & data governance

Data retention policy

Intercom's data retention policy is designed to comply with GDPR. Here's a summary based on the information I found: Visitor Data: To comply with GDPR retention requirements, Intercom automatically deletes all records and event history for visitors who have not been seen for 9 months. Workspace Data: When a workspace is voluntarily deleted by its teammates, all associated data is deleted within 30 days. All workspace data, including inactive ones, is deleted after 180 days of inactivity. General Policy: Intercom's Terms and Policies state that it does not provide an archiving service and will not intentionally delete customer data before the end of a customer's subscription term. Links: https://www.intercom.com/blog/data-privacy-compliance/ https://www.intercom.com/help/en/collections/572-data-protection

Data archiving and removal policy

Archiving a user or lead is considered a "soft delete" which temporarily removes them from visibility and statistics, but their data is not permanently deleted. If the user returns, their profile and associated data are fully restored. To comply with GDPR, Intercom automatically deletes the entire record and event history of visitors who have not been seen for 9 months. If a visitor returns after this period, they are treated as a new visitor. Workspace data is deleted within 30 days if a workspace is electively deleted by its teammates. Workspaces and all related data are deleted after 180 days of inactivity. Links: https://www.intercom.com/blog/data-privacy-compliance/ https://www.intercom.com/help/en/articles/3687072-how-to-delete-your-workspace-data

Data storage policy

When Intercom is installed on a website, it automatically tracks and stores certain standard user data. To comply with GDPR, Intercom automatically deletes data that is no longer required or used. Specifically, data for visitors who have not been active for 9 months is automatically removed, including their entire record and event history. If a visitor returns after this period, they will be treated as a new visitor. This expiration policy applies only to visitor data, not user data. Standard data tracked by Intercom includes name, email, phone number, web sessions, and last seen/first seen dates, among other fields. Intercom notes that for privacy and security, it does not provide the IP addresses of users or visitors. Links: https://www.intercom.com/blog/data-privacy-compliance/ https://www.intercom.com/help/en/articles/1722980-how-intercom-tracks-and-stores-data

Data center location(s)

United States, Australia, Ireland

Data hosting company

AWS, PlanetScale

App/service has sub-processors

yes

Guidelines for sub-processors

https://www.intercom.com/legal/subprocessors-list

App/service uses large language models (LLM)

yes

LLM model(s) used

OpenAI, Anthropic

LLM retention settings

Intercom's LLM providers operate with a zero data retention policy for customer messages and responses. Customer data is used only temporarily to generate a response and is then deleted.

LLM data tenancy policy

Intercom uses a multi-tenant architecture with logical isolation. This ensures that even on shared infrastructure, each customer's LLM data is securely isolated. Data is never mixed, nor is it used to train models that could expose one customer's info to

LLM data residency policy

Intercom offers customers the choice to host their workspace and associated data in one of three AWS facilities: the US, EU, or Australia. For AI features, like OpenAI, Intercom ensures that data processing also occurs within the same specified region.

Certifications & compliance

Security